openssl cms verification date

Hubert Kario hkario at redhat.com
Thu Feb 8 15:57:07 UTC 2024 

On Thursday, 8 February 2024 14:13:35 CET, François Legal wrote:
> Le Jeudi, Février 08, 2024 11:46 CET, Tomas Mraz 
> <tomas at openssl.org> a écrit: 
>  
>> On Thu, 2024-02-08 at 11:37 +0100, François Legal wrote:
>>> Hello,
>>> 
>>> I'm new to this list.
>>> 
>>> I'm using pkcs7 packages to embbed firmware, to procide authenticity
>>> verification before doing firmware upgrades.
>>> 
>>> I use the openssl cms command for verification purpose, but face the
>>> following problem :
>>> when doing verify, openssl cms -verify does check whether the signing
>>> certificate is valid today, not whether or not it was still valid
>>> when the package got signed.
>>> 
>>> I saw the -attime option to specify the verification date, but found
>>> no easy way to fetch the signature date from the package for each
>>> signature.
>>> 
>>> So I was wondering if it was the intended function that the
>>> certificate validity verification was made at the verification date
>>> and not the signature date.
>> 
>> Yes, this was certainly intentional. I could envision that a new option
>> could be added to the cms command that would verify the signature at
>> the date when the signature was made. However please note that without
>> some kind of assurance that the signature was really made at the time
>> that is recorded in the message, the signature could have been done
>> with a key that was already expired anyway. This assurance is done
>> usually by timestamping via a trusted timestamping authority but there
>> might be other means.
>> 
>
> Sure I get the point. You can't really be sure that the 
> signature was made at the clained time as the signerInfo 
> structure is not signed itself. Could you please comment however 
> on why verifying the validity of the certificate at the 
> verification date is better in that matter.
> I already have a patch to provide for verifying the signature 
> at signature time. Shall I send a pull request ?

I'd suggest reading the CAdES[1] standards for electronic signatures that 
are
supposed to be verified years after the signature were made. It goes
into detail what you need to do.

In practice it means:

 * you need trusted timestamps from a time stamping
   authority in the CAdES format (that will allow for automated 
verification).
 * Or a notary document stating that given signature was made before given
   date (that will require manual verification).

 1 - https://en.wikipedia.org/wiki/CAdES_(computing)
-- 
Regards,
Hubert Kario
Principal Quality Engineer, RHEL Crypto team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 115, 612 00, Brno, Czech Republic

More information about the openssl-users mailing list